Описание
Data race in conqueue
Affected versions of this crate unconditionally implemented Send/Sync for QueueSender<T>, allowing to send non-Send T to other threads by invoking (&QueueSender<T>).send().
This fails to prevent users from creating data races by sending types like Rc<T> or Arc<Cell<T>> to other threads, which can lead to memory corruption. The flaw was corrected in commit 1e462c3 by imposing T: Send to both Send/Sync impls for QueueSender<T>/QueueReceiver<T>.
Пакеты
Наименование
conqueue
rust
Затронутые версииВерсия исправления
< 0.4.0
0.4.0
Связанные уязвимости
CVSS3: 8.1
nvd
больше 4 лет назад
An issue was discovered in the conqueue crate before 0.4.0 for Rust. There are unconditional implementations of Send and Sync for QueueSender<T>.